What It’s Like to Get a National-Security Letter

In the summer of 2011, while he was fighting an indictment for alleged computer crimes, Aaron Swartz, an information activist, read Kafka’s “The Trial” and commented on it at his Web site.

A deep and magnificent work. I’d not really read much Kafka before and had grown up led to believe that it was a paranoid and hyperbolic work, dystopian fiction in the style of George Orwell. Yet I read it and found it was precisely accurate—every single detail perfectly mirrored my own experience. This isn’t fiction, but documentary.

Swartz committed suicide a year and a half later. (Larissa MacFarquhar told the story of the end of his life in a piece for The New Yorker; Swartz was also involved in developing what became the magazine’s Strongbox.) His words came back to me in force last week when I spoke with Brewster Kahle, the founder of the nonprofit Internet Archive, perhaps the greatest of our digital libraries, and of the Wayback Machine, which allows you to browse an archive of the Web that reaches back to 1996. He is one of very few people in the United States who can talk about receiving a national-security letter. These letters are one of the ways government agencies, in particular the F.B.I., can demand data from organizations in matters related to national security. They do not require prior approval from a judge, only the assertion that the information demanded is relevant to a national-security investigation. Recipients of a national-security letter typically are not allowed to disclose it.

Google, which has recently challenged them in court, has been advocating for greater transparency about its receipt of the letters; it revealed that it had received between zero and nine hundred and ninety-nine national-security letters each year from 2009 to 2012.

Hundreds of thousands of national-security letters have been sent. But only the plaintiffs in the three successful challenges so far—Kahle; Nicholas Merrill, of Calyx Internet Access; and the Connecticut librarians George Christian, Barbara Bailey, Peter Chase, and Janet Nocek—are known to have had them rescinded, together with all or part of their related gag orders, according to Nate Cardozo, a staff attorney at the Electronic Frontier Foundation. In March of this year, as the result of a petition, brought by the E.F.F. on behalf of an unidentified telephone-service provider, the federal judge Susan Illston ruled that the gag-order provisions of national-security letters violate First Amendment rights, and ordered the government to stop issuing them. The order was stayed for long enough for the government to appeal to the Ninth Circuit Court.

Meanwhile, Kahle is one of a handful of people who can publicly discuss getting such a letter.

The lawyers for the Internet Archive asked to have a private meeting, with no one else there but me. And they said, we’ve just received a national-security letter, to find out a lot of detailed information about a patron of the Internet Archive.

They were sort of grim: “Let’s lock the doors, you’ll be the only person who hears about this.” They said that, according to the law, you have to give them the information they want, and you can only talk to people such that you can fulfill this request. Other than that, there’s nothing else you can do, and then you can’t ever mention it to anybody, ever.

So I asked, “Can I bring this up with my board?” And the answer is no. Could I discuss it with my wife? The answer is no, not without risking being put in prison for years.

How would that even go down? Say your wife wanted to turn you in: “He told me.” Whom would she even tell?

Libraries have had a long history of dealing with authoritarian organizations demanding reader records—who’s read what—and this has led to people being rounded up and killed. As a librarian, you take this very, very seriously. So, when you get demands for information about a patron’s activities, there are things that sort of flash before your mind. Where am I? What century is this? What country am I in?

It was just somebody in the government, in the F.B.I., saying that they wanted this information. It wasn’t a court order; it wasn’t a subpoena. There are all sorts of ways that you ask a librarian questions. And this is not one of them! We’re here to serve, and to answer questions!

Then the lawyers said the only thing you can do—and there’s a risk to it—is to challenge it in court: sue the U.S. government. There is no appeals process; there is no discussion. The only thing you can do is to sue them. As I understand it, that leads to a delay, and that only makes you [look] more guilty of whatever it is they want to accuse you of, should you lose. You’re going into risky territory, just by not complying and not shutting up about it.

How long did it take? Did the documents have to be prepared in secret? Were you scared?

Thank goodness that there are organizations like the Electronic Frontier Foundation. They took it up, [along with] the A.C.L.U. of Northern California. Again, they advised me to not even ask my board whether or not I can do this. So this is, in some sense, really putting myself at risk personally. Here I am, trying to make a decision as to whether or not we should sue the United States government over a secret demand for information, on my own.

Did you tell your wife?

No! I couldn’t!

And is she now going, “What’s wrong? Why are you white as a sheet?”

I did go home that night and over dinner with my family, I said, “Ask me what it was I did today, and remember my answer.” So my son, who was, I don’t know, nine, or something like that, asked me, “Daddy, what did you do today?” And I said, “I can’t tell you.” That was the only thing I said, and then months and months and months went by.

The Internet Archive has the fortune of having really good ties to the A.C.L.U. and the E.F.F. Can you imagine if you’re some small company, or some small library? What do you do?

But the Internet Archive works closely with the National Archives and with the Library of Congress. What are they going to think? What does it mean, to sue the United States government? So we sued, and had to do it very fast, because the lawyers had to do it by the document-demand date. They filed suit, and then the government very quickly said that they wanted out. They didn’t need this information after all.

How long did it take between the time you guys filed and the time they backed out?

What do you think about the people with whom you interfaced on the government side? Did they seem reasonable?

We’ve had lots of interactions with people from the government. These guys were reasonable. But, you know, the whole story in some sense started six months before this demand came in.

How so?

Six months before, we got a notice from the San Francisco F.B.I., saying they were going to give us a national-security letter. These guys in black suits come to the door, and they’re talking to the office manager, who said, uh, you’re talking to the wrong person. We scratched our heads. We called the E.F.F.

And we couldn’t figure out why they would say they were going to give us this letter! Kind of an odd thing to do. You either do, or you don’t; and they didn’t. So we decided to tell them: if you give us one of these, we will fight it. And they didn’t give us one, not at that time. It was later that they did.

A different one, or the same one, do you think?

I think it’s probably a different one. The government is not one monolithic thing. It’s a bunch of people, thinking they’re doing their jobs.

We were a little bit psychologically prepared. Then when we got one of these things, it was like, “Well, this one’s for real.”

Eventually, we negotiated the release of documents. That way, when it came out, it would be a cookbook, for others in my position. Because this is really, really scary. If you’re in my position, the only thing that you can really turn to is asking questions on the Internet—that you hope is not being spied upon. We wanted it such that people who looked this stuff up could basically get an idea of how one organization had dealt with it.